Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Aq9rm4TutCbmyK-jchdVZWscK0w.roa
File: Aq9rm4TutCbmyK-jchdVZWscK0w.roa (raw, json)
Hash identifier: PEzqLd7wzR9Wlt0UN8YH0kxh87xQJfNQ0V+3Kc7RK44=
Subject key identifier: 02:AF:6B:9B:84:EE:B4:26:E6:C8:AF:A3:72:17:55:65:6B:1C:2B:4C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012DB198F7C15AC7B0201D22F11953
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Aq9rm4TutCbmyK-jchdVZWscK0w.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56938
IP address blocks: 85.254.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2d:b1:98:f7:c1:5a:c7:b0:20:1d:22:f1:19:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02af6b9b84eeb426e6c8afa3721755656b1c2b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bd:9d:6e:be:ee:d0:6c:b0:45:1a:a6:4f:fd:
98:80:56:4f:e4:b5:f4:a7:51:b2:f8:2e:54:09:83:
f2:12:87:fa:37:11:00:b6:8a:86:cc:1d:7d:3b:b6:
2f:94:8a:6e:81:5c:fe:18:52:52:e5:5d:bb:6d:3f:
35:1c:d3:d8:e6:65:b8:01:76:f8:0c:88:98:88:a5:
92:20:58:cf:63:53:bc:ed:22:cf:72:7c:e9:6b:bf:
60:25:9a:f7:66:61:61:95:12:76:21:44:a6:d0:3f:
67:ac:cc:50:3e:cb:0a:a6:63:c0:93:e8:93:db:59:
d7:fc:65:c6:36:97:29:6d:aa:e6:dd:7b:91:bf:80:
25:d4:34:bd:e2:bf:c1:05:18:7d:6a:6e:74:04:45:
2a:f1:86:07:b8:f9:c5:ce:8e:41:83:14:fb:21:b8:
48:e4:02:c1:a4:dd:c1:30:4f:56:f7:6b:4d:dc:0d:
1d:3d:bf:6b:b6:4a:ee:35:a5:fb:15:2d:b8:bd:95:
84:02:40:88:63:4d:ff:20:eb:33:94:f3:3c:8a:2d:
79:87:f3:e6:7b:ed:ee:6c:d7:b7:83:71:a6:cd:59:
c4:79:49:a3:f4:ac:d2:ed:19:fb:7d:81:53:a4:76:
09:8e:3e:f8:c7:24:02:2d:d4:51:75:5f:13:06:00:
6a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AF:6B:9B:84:EE:B4:26:E6:C8:AF:A3:72:17:55:65:6B:1C:2B:4C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Aq9rm4TutCbmyK-jchdVZWscK0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:d4:34:c5:f6:89:14:f7:95:21:14:bf:fd:23:35:59:f5:d6:
a1:b7:cf:aa:ba:60:ef:e5:30:16:16:77:84:04:ef:2e:e7:cd:
3d:d8:84:d6:71:df:bf:9a:4f:a8:23:33:7a:0d:2a:d0:62:ff:
3b:50:59:ad:c2:42:d3:45:77:59:e1:a4:48:a4:0d:57:36:2a:
d9:fc:a8:8d:ca:2d:b7:61:ef:7a:32:97:09:aa:a6:1e:73:87:
f2:78:56:c4:ad:74:97:18:48:ef:fc:6e:c2:49:60:ba:19:6b:
38:8f:a0:e3:3e:99:36:ea:a9:c1:f7:a9:98:bf:ea:36:10:08:
83:8d:5d:ee:6c:73:af:7f:c2:0f:5d:52:f9:2c:c3:64:42:27:
60:99:de:d0:7c:ad:1e:df:4f:b0:7b:fd:75:b6:b8:16:a1:c7:
91:a4:98:07:ad:8c:00:32:03:bb:a8:79:12:e5:0f:5b:6a:67:
eb:0d:7b:c0:73:13:0c:94:ed:8f:d1:ed:a9:c0:99:9b:a6:92:
3a:ef:8e:b0:43:f9:9c:d0:f0:f0:d7:82:0c:17:6f:59:72:3f:
e5:af:c2:0b:d0:a9:b2:77:98:8e:c6:6f:e1:ed:cc:53:89:37:
f7:75:00:b0:ec:4e:93:09:3d:01:49:f7:c4:79:14:73:a1:77:
2e:86:f2:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAS2xmPfBWsewIB0i8RlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFmNmI5Yjg0ZWViNDI2ZTZjOGFmYTM3MjE3NTU2NTZiMWMyYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb2dbr7u0GywRRqmT/2YgFZP5LX0
p1Gy+C5UCYPyEof6NxEAtoqGzB19O7YvlIpugVz+GFJS5V27bT81HNPY5mW4AXb4
DIiYiKWSIFjPY1O87SLPcnzpa79gJZr3ZmFhlRJ2IUSm0D9nrMxQPssKpmPAk+iT
21nX/GXGNpcpbarm3XuRv4Al1DS94r/BBRh9am50BEUq8YYHuPnFzo5BgxT7IbhI
5ALBpN3BME9W92tN3A0dPb9rtkruNaX7FS24vZWEAkCIY03/IOszlPM8ii15h/Pm
e+3ubNe3g3GmzVnEeUmj9KzS7Rn7fYFTpHYJjj74xyQCLdRRdV8TBgBqKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKva5uE7rQm5sivo3IXVWVrHCtMMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQXE5cm00VHV0Q2JteUstamNoZFZaV3NjSzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6eMA0G
CSqGSIb3DQEBCwUAA4IBAQA61DTF9okU95UhFL/9IzVZ9daht8+qumDv5TAWFneE
BO8u58092ITWcd+/mk+oIzN6DSrQYv87UFmtwkLTRXdZ4aRIpA1XNirZ/KiNyi23
Ye96MpcJqqYec4fyeFbErXSXGEjv/G7CSWC6GWs4j6DjPpk26qnB96mYv+o2EAiD
jV3ubHOvf8IPXVL5LMNkQidgmd7QfK0e30+we/11trgWoceRpJgHrYwAMgO7qHkS
5Q9bamfrDXvAcxMMlO2P0e2pwJmbppI6746wQ/mc0PDw14IMF29Zcj/lr8IL0Kmy
d5iOxm/h7cxTiTf3dQCw7E6TCT0BSffEeRRzoXcuhvIj
-----END CERTIFICATE-----
Generated at Wed May 1 13:30:18 2024 by rpki-client on console-ams.rpki-client.org